Resources

Secure Server

SHARE

A secure server is a web server that supports any of the major
security protocols, such as SSL, that encrypt and decrypt messages to
protect them against third-party tampering or fraudulent use. Making
purchases from a secure web server ensures that a customer’s payment and
personal information can be translated into a secret code that is
virtually impossible to break. The major security protocols operating
today online include SSL, PCT, S-HTTP and IPSec.

SSL is an acronym for Secure Sockets Layer, a protocol that Netscape
Communications Corporation developed for the transmission of private
documents online. SSL employs a complex cryptographic system that uses
two keys to encrypt data – a public key known to everyone and a private
key known only to the recipient of the message. Many websites, including
Internet Explorer and Netscape Navigator, support SSL, as well as use
this protocol to attain private user information, like the numbers of
credit cards and related account data. Traditionally, URLs which require
an SSL connection begin with “https” instead of “http” with the
additional “s” signifying that it is a secure connection.

Hypertext Protocols

Secure HTTP (or S-HTTP) is another protocol for transmitting data
securely over the web. While SSL makes a secure connection between a
server and client, of which volume of data can be securely sent, S-HTTP,
on the other hand, is intended to securely transmit discrete messages.
S-HTTP and SSL, in this light, can be seen as complementary
technologies. Each of these protocols has been approved as a standard in
the field by the Internet Engineering Task Force.

S-HTTP, developed by Enterprise Integration Technologies, is an
expansion of HTTP protocol that supports sending data safely over the
web. Every web server and browser does not support S-HTTP. SSL is more
widespread. S-HTTP and SSL, however, have largely dissimilar goals and
designs, so it is ultimately possible to use these protocols together.
While SSL is a security protocol intended to launch a safe connection
between two different computing devices, the design of S-HTTP is to
securely send single messages.

Security Sets and Suites

IPSec, which is an abbreviation for IP Security, is a group of online
protocols for security that a body known as Internet Engineering Task
Force developed in order to support the exchange of packets at the IP
(Internet Protocol) layer securely. IPSec has been set up extensively to
execute Virtual Private Networks, or VPN’s, in which public networks
connect private ones, such as those used for a company or organization.

There are two encryption modes that IPSec supports, known as Tunnel
and Transport. The Transport variation encrypts the payload data portion
of every packet only, but the header remains untouched. The
significantly safer Tunnel mode encrypts the payload and the header.
Where it is received, each of these transmissions is an IPSec-compliant
mechanism that decrypts every individual packet of information.

In order for IPSec to operate smoothly, receiving and sending devices
have to split a public key. This is done through a protocol called Key
Management Protocol/Oakley and Internet Security Association, something
that enables the receiver of the information at hand to attain a public
key and authenticate the sender of the information with digital
certificates.

Encrypt, Decrypt

The translation of data into a secret code is what is known as
encryption. Encryption is possibly the most effective way to achieve
data security today. In order to read an encrypted file, a user has to
have access to a private password that enables them to actually decrypt
it. Unencrypted data is known as plain text, whereas encrypted data is
known as cipher text. There are two main types of encryption. The first
one is called asymmetric encryption or public-key encryption. The second
type of encryption is known as symmetric encryption.

The process of decoding data that has been encrypted into a secret
format, conversely, is known as decryption. Decryption requires a secret
key or password.

Operating a secure server allows merchants to conduct e-commerce or
other sensitive exchanges of information and crucial data with a
merchant’s visitors and customers in a way that will make them feel more
comfortable doing business.

SSL provides two basic ingredients of security. The first is safe
passage of information. The customer and merchant data cannot be decoded
by any party that might intercept the communications. The second is
what as known as server authentication. If a merchant’s server is
granted a certificate by a Certificate Authority, the merchant’s
customers can protect themselves from being redirected (to another
server that is falsely representing itself to be the merchant’s) simply
by checking the contents of that certificate.

MerchantWarehouse.com is a registered ISO/MSP of the following banks: US Bank-Minneapolis MN, National Association Buffalo, NY.MerchantWarehouse.com is a registered ISO of Wells Fargo Bank, N.A., Walnut Creek, CA. American Express requires separate approval.